Loading ...

Author: admin

Hundreds of Gigabytes of Data Lost in Attacks Targeting Managed Service Providers

Hacked - Grants Pass, OR

“In a new stunning example of the scale and sophistication of online cybercrime, just before the holidays, DOJ charged two hackers with stealing hundreds of gigabytes of data—including sensitive intellectual property, confidential business data, and personal information from companies and government agencies around the world—as part of a multi-year cyber-espionage campaign that targeted managed service providers (MSPs) directly, bypassing the protections of client systems. This indictment is the latest example of the U.S. government’s use of the criminal justice system to crack down on state-sponsored economic espionage.

As alleged in the indictment, the hackers belong to what is believed to be an elite, Chinese government-sponsored group known within the cyber-security community as Advanced Persistent Threat 10 (APT10). The targets of the hacking campaign included companies in the aerospace, health care, biotechnology, finance, manufacturing, and oil and gas industries, as well as U.S. government agencies, such as NASA and the U.S. Department of Energy.”

https://www.lexology.com/library/detail.aspx?g=1068fd0a-8388-4453-aa7b-6872a5c96536

Anatomy of the Breach

The indictment alleges that APT10’s MSP Theft Campaign began in 2014 and involved three stages.

  1. The hackers gained unauthorized access into the MSPs’ computers and installed malware allowing APT10 to remotely monitor the computers and steal login credentials.
  2. The group then used these stolen credentials to move laterally into each MSP’s network and the networks of their clients, further spreading the malware infection.
  3. APT10 identified data of interest on these compromised computers and created packages for exfiltration using encrypted archives, allowing the hackers to move the data from one system to another before ultimately transferring it to APT10’s computers.

This sort of breach calls into question the operating procedures of MSPs everywhere, their security practices, and moral compass. If IT support staff are not trained in best practice and cannot keep from being infected via websites or emails, then what business do they have managing larger network systems with sensitive data.

If you are unsure of your MSPs practices and would prefer a company with transparency, then contact us for assistance.

Benefits of a Cloud-Based Phone System

As small businesses change and grow, the ability to quickly scale up — or down — becomes a necessity. Adding new employees, for example, requires the company to adapt its phone system to accommodate the need for more lines.

That is harder to accomplish using traditional on-premise telephony systems due to higher setup and maintenance costs, the need for hardware on-site and reliance on IT support. A cloud-based phone system, on the other hand, would enable small businesses to manage communication services in a less costly, more streamlined and agile manner.

Benefits of a Cloud-Based Phone System

1. Fully-Integrated Communications System

Business tools that operate in the cloud are easy to deploy, enabling employees to stay connected whether they are in the office or on the go. In this way, the cloud provides a consistent business presence and helps to increase productivity with seamless access to CRM tools, email, instant messaging, voice and videoconferencing.

2. Control Over Modes of Communication

A cloud-operated system puts businesses in the driver’s seat, allowing them to pick and choose what features they need, with access to turn them on or off easily. Also, cloud solutions give employees anytime, anywhere access via a smartphone, desk phone or softphone to all their calling features.

3. Top Line Business Features

A cloud-based phone system would give small businesses access to the types of network applications that one would typically find at larger corporations. These include features such as a Virtual Assistant, Auto Attendant, Never Miss a Call or Call Center solutions.

4. Mobility and Ease of Use

Today’s workplace is increasingly mobile, and small businesses especially need to be able to operate from multiple locations. With a cloud-based system, small business employees have access to features that allow them to log in from anywhere so that they can be reached while on the go, giving customer-facing and revenue-producing employees greater control over their productivity.

5. Time Management and Efficiency

Web-based customer portals enable IT staff to manage their system more efficiently. With insight into the installation, service configuration, trouble tickets, training, billing and call analytics, this full access to a customer’s system and account allows them to spend fewer resources on project management and focus more on work that adds to the bottom line.

6. Flexibility to Scale Up (and Down)

As a business grows, so does the need to hire new employees, open new offices and onboard new customers. This requires a communications system that can scale up — or down — as the need arises. With a cloud-based phone system, businesses can add as many extensions as they need to accommodate heightened call volume, or, if necessary, simply call in to deactivate these extra extensions. Unlike traditional systems, businesses only pay for the extensions they need for as long as they need them.

7. Business Continuity

Working with a phone system “in the cloud” allows businesses to remain connected to their customers no matter the environment. A cloud-based communications system is likely to be unaffected by outside factors such as severe weather or other issues that may keep employees from getting to the office.

8. Improved Customer Service

With the Virtual Receptionist (VR) or Auto Attendant feature, businesses can easily direct calls to various departments and even create greetings unique to a given department. For example, a business could set up a holiday greeting in advance (via the administrative portal) and pre-set it to revert to the non-holiday greeting on a specified date. It could also add an on-hold message about special promotions or commonly asked questions.

9. New Service Features Added Easily

During busy seasons, some businesses will add premium calling features to increase call-taking efficiency and maximize staffing. Call Groups, for example, allow incoming calls to ring on multiple extensions. Call Queues provide a “dynamic waiting room” for callers that let businesses customize the on-hold experience and better manage call volume. Both help to decrease voicemails, missed calls and busy signals, enabling service to as many callers as possible.

10. Cost Savings

Cost savings are another benefit of cloud-based phone system.  Moving telecommunications off of PBX platforms and to the cloud can be less expensive relative to monthly service rates versus that of a traditional system, helping to reduce costs and, ultimately, increase profitability.

If your company is looking to reap the benefits of moving to the cloud, then contact us for assistance.

Anatomy of a Breach

Read an amazing article published by Microsoft detailing the roadmap a hacker uses to breach a computer network. You can read the full article here:

https://cloud-platform-assets.azurewebsites.net/anatomy-of-a-breach/

Summary of a Breach

Phase 1: Break-In: Hackers are still using phishing emails, bad passwords, social media links, and poorly patched systems to make their way in with the initial infection. Employee training is the first step towards preventing breaches for 9 out of 10 companies now (and it is included in the price for all our monthly clients).

Phase 2: The Inside Man: Once inside the hacker will scan the network for further vulnerable systems, employees with more access rights than they need, and systems that allow access into other parts of the network. Having systems in place that detect strange or malicious activity are key to stopping an infection in its tracks.

Phase 3: Spread Out: This is where the hacker has all the access they need and start to find the data that is worth selling. Hackers will usually start moving data to places it doesn’t belong on the network then downloading it to their computers for resell. This is where strong access policies that are clearly defined and enforced make the greatest impact to protect sensitive data. 

Phase 4: The Long Con: Once a hacker has taken all they need for the short term payout, they will setup remote access back doors to allow for future access whenever they want to. It almost pays to assume that a breach has already occurred and continually scan the network for these kinds of activity to catch the hackers in the act.

Take the time to read this article, it is a wake-up call on security.

If you would like to learn more about creating an effective cyber defense strategy and mitigating risk, then contact us for assistance.

What is Your Personal Information Worth on the Dark Web?

Dark Web Scanning - Grants Pass, OR

The dark web is often known for the illegal activities conducted there, and while not everything on the dark web is illegal, it’s most appealing factor is its anonymity. The dark web is often a place where stolen data and personal information is bought and sold following a data breach or hacking incident. An article on Experian takes a look at what your personal information is worth on the dark web and how you can help protect yourself from being exposed.

How much is your information worth to an identity thief on the dark web?

Social Security number: $1

Credit or debit card (credit cards are more popular): $5-$110

With CVV number: $5

With bank info: $15

Fullz info: $30

Note: Fullz info is a bundle of information that includes a “full” package for fraudsters: name, SSN, birth date, account numbers and other data that make them desirable since they can often do a lot of immediate damage.

Online payment services login info (e.g. Paypal): $20-$200

Loyalty accounts: $20

Subscription services: $1-$10

Diplomas: $100-$400

Driver’s license: $20

Passports (US): $1000-$2000

Medical records: $1-$1000*

*Depends on how complete they are as well as if it’s a single record or an entire database

General non-Financial Institution logins: $1

Note: Prices can vary over time and prices listed below are an estimation and aggregation based on reference articles and hands on experience of Experian cyber analyst the last two years.

How are criminals purchasing this information on the dark web?

Information can be bought and sold a variety of ways on the dark web, however the most common include:

  1. Purchasing data as a single item, such as a Social Security number.
  2. Purchasing bulk data, such as batches of the same information.
  3. Purchasing bundled data containing various types of information bundled together.

The cost of personal information on the dark web fluctuates, but what is responsible for the change?

The four main factors driving the cost of personal information on the dark web include:

  1. The type of data and the demand for it. The cost often depends on the type of data and the need or ability to use that data.
  2. The supply of the data. If there is less data available for a cybercriminal to purchase, the value of that data increases.
  3. The balance of the accounts. The higher the balance in the stolen account, the higher the cost of the data. The balance could be the amount of money in a particular account as well as points value (i.e., a loyalty account).
  4. Limits or the ability to reuse the data. If the data being purchase can only be used once, the value of that data is worth less to a cybercriminal than data that can be reused multiple times or across various platforms

How can you protect yourself?

Data breaches are becoming increasingly common and are often outside of your control. It is important to help minimize your risk of a hacker gaining access to your accounts by utilizing healthy password practices and by keeping your personal information private unless it is absolutely necessary to share.  Keeping antivirus software and all other software up to date will also play a crucial role in protecting your information, as these updates could contain security patches to fix potential vulnerabilities that could expose your information.

It is also recommended to run a dark web scan on your email address, utilize a dark web monitoring tool and monitor your credit report for potential red flags that your identity may have been compromised.

If your company is concerned about information leakage or breaches, then contact us for assistance.

Windows 7 will be End of Life Shortly

Move to Windows 10 - Grants Pass, OR

With Windows 7 quickly moving to End of Life within a years time, it is time to consider replacing current workstations with newer ones.

Why make the move to Windows 10 Pro?

You’ll get the familiar yet improved desktop and Start Menus as well as all-new features, such as the Cortana personal digital assistant, Live Tiles, Tablet Mode, cloud services integration, improved support for touch, pen and voice and so much more. More importantly, you’ll get hardware and software enabled features that help protect device and company information from ever- evolving security threats. Most importantly, you will meet compliance requirements before they become enforceable.

Move to Windows 10 - Grants Pass, OR

If your company is still using Windows 7 in your business environment, then contact us for assistance.

Windows 10 Version 1803 Removes HomeGroup

According to the following Microsoft Support Post published in October 2018, the HomeGroup feature has now been removed from Windows 10. Most people won’t need to worry about this, but recently ran across a business that had relied on this feature to run their network. With HomeGroup removed from Windows 10 they were left without the ability to share properly with a new computer on the network. So here is how to fix the issue:

How to fix Windows Networking after HomeGroup Removal

  1. Turn off all sharing:
    1. Open Network & Sharing Center
    2. Click on Advanced Sharing Settings
    3. Turn off network discovery (Private & Public)
    4. Turn off file and print sharing (Private & Public)
    5. Turn off Public folder sharing (All Networks)
    6. Turn off Password Protected Sharing (All Networks)
    7. Save Changes
  2. Remove old password:
    1. Open Credentials Manager
    2. Change to Windows Credentials
    3. Remove all $HomeGroup users credentials from networked computers on all computers formerly in HomeGroup
  3. AutoStart Services
    1. Open Services
    2.  Find Function Discovery Provider Host and set to Automatic Startup then Start service
    3. Find Function Discovery Resource Publication and set to Automatic Startup then Start service
    4. Find SSDP Discovery and set to Automatic Startup then Start service
    5. Find UPnP Device Host and set to Automatic Startup then Start service
  4. Add Users
    1. Get username and password for all computers on network
    2. On each computer on the network, open command prompt
    3. For each username, use the command –  net user [username] [password] /add
  5. Turn on all sharing:
    1. Open Network & Sharing Center
    2. Click on Advanced Sharing Settings
    3. Turn on network discovery (Private)
    4. Turn on file and print sharing (Private)
    5. Turn on Public folder sharing (All Networks)
    6. Use 128-bit encryption (All Networks)
    7. Turn on Password Protected Sharing (All Networks)
    8. Save Changes
  6. Recreate Shares (if needed)
    1. Right-click on folder and choose Properties
    2. Click on Sharing tab
    3. Click on Advanced Sharing
    4. Check Share This Folder
    5. Name the share
    6. Click Permissions
    7. Click on Add
    8. Select username and add Full Control then click OK
    9. Repeat for each username
    10. Click OK to return to Properties window
    11. Click on Security Tab
    12. Click on Advanced
    13. Click on Add
    14. Select username and add Full Permissions (or appropriate level) then click OK
    15. Repeat for each username
    16. Check Replace Child Permisssions and click OK
    17. Click OK on all previous windows

Hope this post helps some other techs save the time in fixing Windows 10 networking when HomeGroup is removed.

If your company is still using HomeGroup or needs any help with advanced networking, then contact us for assistance.

Disaster Recovery for Your Phone System

Phone System Disaster Recovery - Grants Pass, OR

What happens to your phones when the power goes out, the internet is down, or the old copper lines are down from a natural disaster? Are your customers going to get a busy signal? How quickly will they call the competition?

Phone System Backup Plan

With a standard phone service there would be nothing to prevent the busy signal from happening. With phone service from Farmhouse Networking all calls have the ability to be automatically forwarded and routed to virtually any person, device, or location. Plus our platform includes connectivity to multiple carriers for redundancy purposes, so no single carrier issue will impact your business.

Disasters might not be under our control, but business can continue to happen even when they occur.

If your company is concerned about losing calls or looking to add the protection a cloud phone system provides, then contact us for assistance.

Security Disaster: It’s not IF, it’s WHEN

Hacked - Grants Pass, OR

When it comes to security threats, it’s not “if” disaster will strike, it’s “when.” So, how will your organization respond? Do you have the proper infrastructure in place to thwart a potential data disaster and if disaster does strike, is your organization poised to recover quickly?

While 100% prevention of a data disaster is impossible, there are several ways you can position your organization to get your systems back up and running with as little disruptions to day-to-day operations as possible:

File Level Backup:
A good file sync and share tool is more than just a way for your team to collaborate on the go, it’s a vital component to your organization’s security strategy. With file level backup, you can ensure that even in the event of a site wide disaster, your team can maintain anytime access to their critical files.

Backup and Disaster Recovery:
Your last line of defense in a site wide disaster, backup and disaster recovery solutions allow you to recover at the systems level. An absolutely necessary piece of your organizational infrastructure, backup and disaster recovery delivers peace of mind that your systems will always be recoverable, even when disaster strikes.

Cloud-to-Cloud Backup:
Cloud-to-cloud backup fills in the gaps left by some of the most commonly used SaaS applications, such as Office 365. Many of these cloud applications fall short in the way of cloud-retention and a good cloud-to-cloud backup solution can help you protect critical business data while providing enhanced features to maximize your user experience and more importantly, security.

Don’t wait to protect your organization from inevitable downtime. Contact our team today to discuss your options for total system protection, both onsite and in the cloud.

The biggest threat to your data security?

Computer Forensics - Grants Pass, OR

You and your employees, that’s who!

It’s an unfortunate reality but our workforce can often times be our worst enemies, often creating vulnerabilities and leaving our systems open to hackers, viruses, data breaches and data loss. More often than not, we do this through completely harmless, everyday activities like opening compromised emails and links.

As a leader in your organization it’s your role to monitor your team and arm them with the knowledge of good security practices. Without implementing a company-wide security training program, you leave your systems vulnerable to a host of attacks.

Another crucial step in preventing system attacks, is to configure a firewall to monitor user activity and website visits throughout your organization. An Acceptable Use Policy is helpful in establishing what your organization will and will not allow from its employees.

Curious how we can help you establish a more secure company infrastructure?

If your company is looking to better protect its data, then contact us for assistance.

Categories

Plant a Seed 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2018 - Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

Something went wrong, try refreshing and submitting the form again.